I can understand the first unlock from waking up from sleep. For the
second, bump your debug_level in sssd.conf up to 7 and then check to see
if you have any "Got request" lines in /var/log/sssd/sssd_domain.log for
the second login attempt from the lock screen. You should be able to
see if it is using cached creds or actively trying to parse the domain
server.
Can you paste your sssd.conf also?
On 05/18/2017 10:58 AM, Joakim Tjernlund wrote:
Sequence:
login into MATE or Plasma
suspend to ram
wait until krbtgt expires
wakeup computer
unlock screen
klist will show the old expired ticket.
lock/unlock screen again(well after networking is up)
klist still shows the old ticket.
No SSO/NFS possible until manually doing a kinit to get a fresh ticket
Anyone else see this?
Jocke
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org